October Scam of the Month: Crypto-currency Mining

You’re probably familiar with Bitcoin, the online cryptocurrency that has garnered quite a bit of both positive and negative attention. Mining is a part of all cryptocurrencies and forms the root of trust in the currency. Typically, “miners” make money for mining, trading computing resources for actual money. Lately, though, there has been a rise in unsanctioned Bitcoin and other cryptocurrency mining, in which attackers hijack your computing power and use it to make new currency and thus line their pockets.

A New Beast Appears

Recently, CBS’s Showtime was caught with a JavaScript exploit that was covertly using viewers’ web browsers to mine for Monero (an alternative to Bitcoin). Both Showtime.com and ShowtimeAnytime.com were pulling in code that forced browsers to use processing power mining the cryptocurrency. While it’s unlikely that CBS either knew about or sanctioned this activity, it nonetheless happened. It’s been difficult to get to the bottom of who was behind it, but it’s something that you as a small business should be aware of.

What You Need to Know

If illegal cryptocurrency mining happens to you, you’ll know it. Cryptocurrency mining will slow your computer to a halt. We are seeing quite a bit of this out in the wild, and small businesses in particular should make sure that they have prevention measures in place that will catch and stop this activity if it is directed against users on your network.

How to Stop Crypto-Coin Mining on Your Network

A number of the popular ad blockers have started including cryptocurrency miners and other resource abuse services in their block lists. There has also been a flurry of browser extensions released with the sole purpose of blocking these services. However as BleepingComputer pointed out, there are also browser extensions that secretly include resource abuse packages when you install them.

To help reduce the impact of these unwanted exploits, we released a new category for Strongarm’s content filtering feature that we call “Resource Abuse”. This category blocks everything from Coinhive and other cryptocurrency mining tools to Edgemesh, a new P2P CDN that also abuses an end user’s computing resources without their permission. Since releasing this new Content Filtering category, many of our customers are seeing hundreds of blocked requests per day on their networks and that number keeps growing.

We’ve found that blocking all of these “resource abusers” with our DNS-based filtering is the best and quickest solution to implement, and it only takes one click to block the whole category along with any other malware, ransomware, malvertising, and more.